CVE-2025-66067 – This DOM-based Cross-Site Scripting (XSS) vulne... (How to Fix)

Q: How do I fix CVE-2025-66067?

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Funnel Builder by FunnelKit'. 4. Click 'Update Now' if available. 5. Alternatively, download latest version from WordPress repository and manually update.

Q: What is the severity of CVE-2025-66067?

CVE-2025-66067 has a CVSS score of 5.4 (MEDIUM). This DOM-based Cross-Site Scripting (XSS) vulnerability in FunnelKit Funnel Builder for WordPress allows attackers to inject malicious scripts into web pages viewed by other users. It affects all WordPress sites using Funnel Builder by FunnelKit plugin versions up to and including 3.13.1.2. Successful exploitation could lead to session hijacking, credential theft, or website defacement.

📋 TL;DR

This DOM-based Cross-Site Scripting (XSS) vulnerability in FunnelKit Funnel Builder for WordPress allows attackers to inject malicious scripts into web pages viewed by other users. It affects all WordPress sites using Funnel Builder by FunnelKit plugin versions up to and including 3.13.1.2. Successful exploitation could lead to session hijacking, credential theft, or website defacement.

💻 Affected Systems

Products:

Funnel Builder by FunnelKit (WordPress plugin)

Versions: All versions through <= 3.13.1.2

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects WordPress installations with the vulnerable plugin activated.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker steals administrator session cookies, gains full control of WordPress site, installs backdoors, or redirects visitors to malicious sites.

🟠

Likely Case

Attacker steals user session cookies, performs actions on behalf of authenticated users, or defaces website content.

🟢

If Mitigated

Limited impact if proper Content Security Policy (CSP) headers are implemented and user input validation is enforced.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

DOM-based XSS typically requires user interaction (clicking malicious link) but can be exploited without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.13.1.3 or later

Vendor Advisory: https://patchstack.com/database/Wordpress/Plugin/funnel-builder/vulnerability/wordpress-funnel-builder-by-funnelkit-plugin-3-13-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Funnel Builder by FunnelKit'. 4. Click 'Update Now' if available. 5. Alternatively, download latest version from WordPress repository and manually update.

🔧 Temporary Workarounds

Implement Content Security Policy

all

Add CSP headers to restrict script execution sources and mitigate XSS impact.

Add to .htaccess: Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Or configure in web server settings

Disable Plugin

linux

Temporarily disable vulnerable plugin until patched.

wp plugin deactivate funnel-builder

🧯 If You Can't Patch

Implement strict Content Security Policy headers
Use web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Funnel Builder by FunnelKit version. If version <= 3.13.1.2, vulnerable.

Check Version:

wp plugin get funnel-builder --field=version

Verify Fix Applied:

Confirm plugin version is 3.13.1.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

Unusual JavaScript in POST/GET parameters
Suspicious user-agent strings with script patterns
Multiple failed XSS attempts in web server logs

Network Indicators:

HTTP requests containing script tags in parameters
Unusual redirects to external domains

SIEM Query:

source="web_logs" AND ("<script" OR "javascript:" OR "onerror=" OR "onload=")

📊 Metadata

CVE ID: CVE-2025-66067

CVSS v3 Score: 5.4 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE: CWE-79

EPSS Score: 0.04% exploit probability (11.8th percentile)

Published: November 21, 2025

Last Updated: January 20, 2026

🔗 References

https://patchstack.com/database/Wordpress/Plugin/funnel-builder/vulnerability/wordpress-funnel-builder-by-funnelkit-plugin-3-13-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-66067, you might also want to check these: